FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
5721ae65-b30a-11e9-a87f-a4badb2f4699	FreeBSD -- pts(4) write-after-free Problem Description: The code which handles a close(2) of a descriptor created by posix_openpt(2) fails to undo the configuration which causes SIGIO to be raised. This bug can lead to a write-after-free of kernel memory. Impact: The bug permits malicious code to trigger a write-after-free, which may be used to gain root privileges or escape a jail. Discovery 2019-07-24 Entry 2019-07-30 FreeBSD-kernel ge 12.0 lt 12.0_8 ge 11.2 lt 11.2_12 ge 11.3 lt 11.3_1 CVE-2019-5606 SA-19:13.pts

VuXML ID

Description

5721ae65-b30a-11e9-a87f-a4badb2f4699

FreeBSD -- pts(4) write-after-free

Problem Description:

The code which handles a close(2) of a descriptor created by posix_openpt(2) fails to undo the configuration which causes SIGIO to be raised. This bug can lead to a write-after-free of kernel memory.

Impact:

The bug permits malicious code to trigger a write-after-free, which may be used to gain root privileges or escape a jail.

Discovery 2019-07-24
Entry 2019-07-30
FreeBSD-kernel

ge 12.0 lt 12.0_8

ge 11.2 lt 11.2_12

ge 11.3 lt 11.3_1

CVE-2019-5606
SA-19:13.pts